The Keys to the Pentagon Are in the Parking Lot
|
Thanks to Gadi Evron on Twitter for pointing to what is admittedly just a rumor about how the Pentagon got hacked using USB keys. Even if it's completely false, it's something you should consider. The story is that the attackers got USB keys into the Pentagon and onto DoD computers by dropping them in the parking lot. Employees picked them up and brought them in to try to see who owned them, but at that point it's already too late. Autoplay runs the attack code, system is 0wned. Maybe it's true, maybe not, but it would be a good enough reason for the DoD to ban such devices altogether. |
Comments (6)
Wouldn't it make more sense to turn off Autoplay?
Posted by Marc Thibault | December 7, 2008 9:58 PM
That makes sense too, but USB keys are too difficult to control. It's a good idea to ban them until there's a better way to control their use.
Posted by Larry Seltzer
| December 7, 2008 10:03 PM
This might be a rumor, but it actually happened a while ago. It was a security test, and it happened in a private company (at its demand), not in the Pentagon. It read about it in Bruce Schneier's blog.
Posted by Christophe Thill | December 8, 2008 9:02 AM
The easier way is to require the use of encrypted USB keys and block any that aren't encrypted. If you plug in one that is not encrypted the applications ask if you want to encrypt it and deletes all data on it in the process if you say not to encrypt it than its blocked. We use the Guardian Edge application in the company I work for and that is how we control USB devices.
Posted by jp | December 8, 2008 9:05 AM
jp - I like that. I assume it uses AD for Windows; what abou other platforms?
Posted by Larry Seltzer
| December 8, 2008 9:09 AM
Interesting post.
Posted by Lehcar Boland | December 10, 2008 7:03 PM